This year was a punishing one on the security front, with massive attacks like WannaCry and NotPetya causing massive business damage and unprecedented data breaches spawning chaos for customers of Equifax, Medicare, and Yahoo. Yet as Australia slides into holiday-season laissez-faire and prognosticators turn their eyes to 2018, the consensus is that the pressure on CSOs is only likely to get worse next year.

Malwarebytes, for one, believes the cryptojacking “gold rush” will be the primary motivator for cybercriminals that will exploit victims’ computing resources to mine cryptocurrency. The company also anticipates a greater focus on breaching educational institutions; growth in the PowerShell-based exploits that opened up a new form of attack on ubiquitous Microsoft Office software; continued growth in the cybercriminal underground; more direct attacks on security software; increasing use of worms to launch malware; and additional concerns about Internet of Things (IoT) security that will extend to potentially life-threatening hacks of connected medical equipment.

“Our Labs’ findings show no signs of a slowdown in 2018,” CEO Marcin Kleczynski said in a statement. “Hacker tools and techniques are increasing in sophistication and accessibility. We are seeing a new army of cybercriminals coalesce, lured by inexpensive tools and the promise of an easy profit – often publicised and glorified in the media. The forthcoming attacks will require more cybersecurity training, increased education and awareness and a multi-layered approach to business and personal security.”

Comodo vice president of cybersecurity Carlos Solari warned about the security implications of an industry that is “at the moment of massive changes” but continues to play catch-up when it comes to IoT infrastructure – which is rapidly expanding to accommodate smart devices, self-driving cars, and supporting infrastructure. “We need to be as vigilant with these types of devices as we are with PCs and servers,” Solari said.

Cybercriminals would organise themselves into as-a-service organisations, he added, acting as foils to a cybersecurity industry where customers will increasingly take security products as a service to speed adoption and simplify administration. New AI-based security tools and ransomware scanners, as well as better techniques for using digital certificates to certify legitimate tools, would be developed as innovation in the sector evolves to fight ever more-complex malware attacks.

As well as increasingly damaging ransomware attacks and exploitation of credentials stolen from users of travel sites, security tools provider NordVPN warned of an increase in attacks on IoT devices, larger ransomware attacks, and the impact of regulation such as the EU GDPR, UK’s Digital Economy Bill, and a Dutch referendum on government surveillance powers.

RiskIQ chief data scientist warned that cybercriminals would increasingly use and refine adversarial machine-learning (AML) models to avoid detection by systems at target organisations: “machine learning models will need to evolve quickly to keep up with these threats by incorporating instance-based approaches,” he advised.

“The value of large data lakes will increase as security companies turn to machine learning-based solutions. The most valuable of these data sets will be hand-curated, labelled data sets that can be used to train supervised machine learning models.”

McAfee Labs is also concerned about AML, with a looming ‘arms race’ between attackers and defenders setting the stage for a different kind of cybersecurity conflict in the future. Ransomware will also drive the agenda as it evolves from traditional PC extortion to infecting IoT devices, McAfee warned in its 2018 Threats Predictions Report, with off-the-shelf ransomware tools becoming more popular and payment-based attacks giving way to more attacks focused on sabotage and business disruption.

Serverless apps would create new vulnerabilities by increasing organisations’ attack surfaces, McAfee also warned, with data vulnerable while in transit across networks. Also likely to become a big issue in 2018 is the rise of monetisation, which compromises the privacy of consumers that will need to be more vigilant about what information they and their children put online.

“The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,” McAfee chief technology officer Steve Grobman said in a statement.

“We must recognise that although technologies such as machine learning, deep learning, and artificial intelligence will be cornerstones of tomorrow’s cyber defences, our adversaries are working just as furiously to implement and innovate around them.”

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.